Zip File Extraction Vulnerability in SAP Disclosure Management 10.x
CVE-2018-2487 · MEDIUM Severity
AV:N/AC:H/AU:N/C:P/I:P/A:P
SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.
Learn more about our User Device Pen Test.